Asset 5

How to identify email threats

Man checking his emails

How to identify email

Threats

With 65% of businesses suffering from a cyber attack in the past 12 months, and this number only ever increasing, it’s important for your business to be aware of weak points in your IT systems that could lead to a potential disaster. Phishing emails are becoming a progressively more popular way to attack individuals and businesses, which is why it’s critical for your teams to understand what to look out for in a phishing attempt.

What is phishing?

‘Phishing’ is when cybercriminals attempt to use scam emails, texts, or phone calls, to trick victims into clicking a link and downloading a virus, opening a malware-laden attachment, or sending across sensitive information such as usernames and passwords.

What to look out for in phishing emails

Phishing emails can cause chaos for businesses, but there are several factors that can help employees identify a phishing email from a regular email, and if ever in doubt, it’s best to check with your IT department or provider.

  1. Language

Phishing emails often have an unfamiliar tone or greeting. If a sender is pretending to be someone you know, a clear tell is whether their language is over-formal or incredibly casual. Poor grammar and spelling is also something else to look out for, as most professional businesses will have spell check and autocorrect features installed for outbound emails, so there shouldn’t be many errors if an email has been sent from a trusted source. If upon reading an email the language seems strange, it’s worth looking for other indicators that it could be a phishing scam.

2. Email addresses, links, and domain names

Paying attention to email addresses, links, and domain names is another way to identify whether an email could be a phishing attempt. Some attempts will have what you think is a legitimate company’s email address, but on closer inspection, may have been sent from a Hotmail, Yahoo, or Gmail account. Generally speaking, business emails will be sent from business email addresses. In terms of links, one’s with domain names that don’t simply end in .com, .co.uk, .org, or .ac.uk, should be questioned. Phishing emails and suspicious links also tend to use a collection of random letters, numbers, and symbols, so this is something else to be aware of.

3. Sense of urgency

Another sign that an email may be a phishing scam is whether it communicates a sense of urgency. Urgent language is often used in phishing attempts to fluster a potential victim into completing an action, such as clicking a dodgy link or attachment without paying too much attention to the finer details of the email. This is so the email isn’t examined thoroughly enough, meaning that other potential indicators it could be a phishing email are missed.

4. Request for personal information

A key indication that an email is a phishing attempt is a request for personal information. More sophisticated cybercriminals will create dedicated landing pages requesting for a payment to be made to settle an outstanding debt. Other phishing emails may also ask for personal details, such as passport information or other credentials. Sending any sensitive personal information to unverified sources could cause serious ramifications for businesses or individuals. It’s important to be incredibly cautious if any emails like these are received and not expected.

As technologies become more sophisticated, so do the ways in which cybercriminals try to hack into a business. Phishing attempts are a popular method of trying to get personal information or attack business systems with a virus, however, training employees on how to identify phishing emails will go a long way to protecting your business. Anything suspicious or out of the ordinary should be reported to make sure it doesn’t happen to others in the business. In addition to this, modern email software can help protect businesses against these types of cyber threats by vetting emails before they enter employee inboxes.

If your business is unsure about how protected it is against phishing emails and other cyber threats, please don’t hesitate to get in touch, and our team can offer advice, guidance, and a free IT audit to help give you peace of mind. For more information, please call us on 03300 535 730 or email info@amitechit.co.uk.